The RSA Algorithm Joo Seok Song 2007 11
- Slides: 31
The RSA Algorithm Joo. Seok Song 2007. 11. 13. Tue
Private-Key Cryptography § traditional private/secret/single key cryptography uses one key § shared by both sender and receiver § if this key is disclosed communications are compromised § also is symmetric, parties are equal § hence does not protect sender from receiver forging a message & claiming is sent by sender CCLAB
Public-Key Cryptography § probably most significant advance in the 3000 year history of cryptography § uses two keys – a public & a private key § asymmetric since parties are not equal § uses clever application of number theoretic concepts to function § complements rather than replaces private key crypto CCLAB
Public-Key Cryptography § public-key/two-key/asymmetric cryptography involves the use of two keys: – a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures – a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures § is asymmetric because – those who encrypt messages or verify signatures cannot decrypt messages or create signatures CCLAB
Public-Key Cryptography CCLAB
Why Public-Key Cryptography? § developed to address two key issues: – key distribution – how to have secure communications in general without having to trust a KDC with your key – digital signatures – how to verify a message comes intact from the claimed sender § public invention due to Whitfield Diffie & Martin Hellman at Stanford Uni in 1976 – known earlier in classified community CCLAB
Public-Key Characteristics § Public-Key algorithms rely on two keys with the characteristics that it is: – computationally infeasible to find decryption key knowing only algorithm & encryption key – computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known – either of the two related keys can be used for encryption, with the other used for decryption (in some schemes) CCLAB
Public-Key Cryptosystems CCLAB
Public-Key Applications § can classify uses into 3 categories: – encryption/decryption (provide secrecy) – digital signatures (provide authentication) – key exchange (of session keys) § some algorithms are suitable for all uses, others are specific to one CCLAB
Security of Public Key Schemes § like private key schemes brute force exhaustive search attack is always theoretically possible § but keys used are too large (>512 bits) § security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalyse) problems § more generally the hard problem is known, its just made too hard to do in practise § requires the use of very large numbers § hence is slow compared to private key schemes CCLAB
RSA § by Rivest, Shamir & Adleman of MIT in 1977 § best known & widely used public-key scheme § based on exponentiation in a finite (Galois) field over integers modulo a prime – nb. exponentiation takes O((log n)3) operations (easy) § uses large integers (eg. 1024 bits) § security due to cost of factoring large numbers – nb. factorization takes O(e log n) operations (hard) CCLAB
RSA Key Setup § each user generates a public/private key pair by: § selecting two large primes at random - p, q § computing their system modulus N=p. q – note ø(N)=(p-1)(q-1) § selecting at random the encryption key e where 1<e<ø(N), gcd(e, ø(N))=1 § solve following equation to find decryption key d – e. d=1 mod ø(N) and 0≤d≤N § publish their public encryption key: KU={e, N} § keep secret private decryption key: KR={d, p, q} CCLAB
RSA Use § to encrypt a message M the sender: – obtains public key of recipient KU={e, N} – computes: C=Me mod N, where 0≤M<N § to decrypt the ciphertext C the owner: – uses their private key KR={d, p, q} – computes: M=Cd mod N § note that the message M must be smaller than the modulus N (block if needed) CCLAB
Prime Numbers § prime numbers only have divisors of 1 and self – they cannot be written as a product of other numbers – note: 1 is prime, but is generally not of interest § eg. 2, 3, 5, 7 are prime, 4, 6, 8, 9, 10 are not § prime numbers are central to number theory § list of prime number less than 200 is: 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 101 103 107 109 113 127 131 137 139 149 151 157 163 167 173 179 181 193 197 199 CCLAB
Prime Factorisation § to factor a number n is to write it as a product of other numbers: n=a × b × c § note that factoring a number is relatively hard compared to multiplying the factors together to generate the number § the prime factorisation of a number n is when its written as a product of primes – eg. 91=7× 13 ; 3600=24× 32× 52 CCLAB
Relatively Prime Numbers & GCD § two numbers a, b are relatively prime if have no common divisors apart from 1 – eg. 8 & 15 are relatively prime since factors of 8 are 1, 2, 4, 8 and of 15 are 1, 3, 5, 15 and 1 is the only common factor § conversely can determine the greatest common divisor by comparing their prime factorizations and using least powers – eg. 300=21× 31× 52 18=21× 32 hence GCD(18, 300)=21× 31× 50=6 CCLAB
Fermat's Theorem § ap-1 mod p = 1 – where p is prime and gcd(a, p)=1 § also known as Fermat’s Little Theorem § useful in public key and primality testing CCLAB
Euler Totient Function ø(n) § when doing arithmetic modulo n § complete set of residues is: 0. . n-1 § reduced set of residues is those numbers (residues) which are relatively prime to n – eg for n=10, – complete set of residues is {0, 1, 2, 3, 4, 5, 6, 7, 8, 9} – reduced set of residues is {1, 3, 7, 9} § number of elements in reduced set of residues is called the Euler Totient Function ø(n) CCLAB
Euler Totient Function ø(n) § to compute ø(n) need to count number of elements to be excluded § in general need prime factorization, but – for p (p prime) ø(p) = p-1 – for p. q (p, q prime) ø(p. q) = (p-1)(q-1) § eg. – ø(37) = 36 – ø(21) = (3– 1)×(7– 1) = 2× 6 = 12 CCLAB
Euler's Theorem § a generalisation of Fermat's Theorem § aø(n)mod N = 1 – where gcd(a, N)=1 § eg. – – CCLAB a=3; n=10; ø(10)=4; hence 34 = 81 = 1 mod 10 a=2; n=11; ø(11)=10; hence 210 = 1024 = 1 mod 11
Why RSA Works § because of Euler's Theorem: § aø(n)mod N = 1 – where gcd(a, N)=1 § in RSA have: – – N=p. q ø(N)=(p-1)(q-1) carefully chosen e & d to be inverses mod ø(N) hence e. d=1+k. ø(N) for some k § hence : Cd = (Me)d = M 1+k. ø(N) = M 1. (Mø(N))q = M 1. (1)q = M 1 = M mod N CCLAB
RSA Example 1. 2. 3. 4. 5. Select primes: p=17 & q=11 Compute n = pq =17× 11=187 Compute ø(n)=(p– 1)(q-1)=16× 10=160 Select e : gcd(e, 160)=1; choose e=7 Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23× 7=161= 10× 160+1 6. Publish public key KU={7, 187} 7. Keep secret private key KR={23, 17, 11} CCLAB
RSA Example cont § sample RSA encryption/decryption is: § given message M = 88 (nb. 88<187) § encryption: C = 887 mod 187 = 11 § decryption: M = 1123 mod 187 = 88 CCLAB
Exponentiation § § can use the Square and Multiply Algorithm a fast, efficient algorithm for exponentiation concept is based on repeatedly squaring base and multiplying in the ones that are needed to compute the result § look at binary representation of exponent § only takes O(log 2 n) multiples for number n – eg. 75 = 74. 71 = 3. 7 = 10 mod 11 – eg. 3129 = 3128. 31 = 5. 3 = 4 mod 11 CCLAB
Exponentiation CCLAB
RSA Key Generation § users of RSA must: – determine two primes at random - p, q – select either e or d and compute the other § primes p, q must not be easily derived from modulus N=p. q – means must be sufficiently large – typically guess and use probabilistic test § exponents e, d are inverses, so use Inverse algorithm to compute the other CCLAB
RSA Security § three approaches to attacking RSA: – brute force key search (infeasible given size of numbers) – mathematical attacks (based on difficulty of computing ø(N), by factoring modulus N) – timing attacks (on running of decryption) CCLAB
Factoring Problem § mathematical approach takes 3 forms: – factor N=p. q, hence find ø(N) and then d – determine ø(N) directly and find d – find d directly § currently believe all equivalent to factoring – have seen slow improvements over the years as of Aug-99 best is 130 decimal digits (512) bit with GNFS – biggest improvement comes from improved algorithm cf “Quadratic Sieve” to “Generalized Number Field Sieve” – barring dramatic breakthrough 1024+ bit RSA secure ensure p, q of similar size and matching other constraints CCLAB
Timing Attacks § developed in mid-1990’s § exploit timing variations in operations – eg. multiplying by small vs large number – or IF's varying which instructions executed § infer operand size based on time taken § RSA exploits time taken in exponentiation § countermeasures – use constant exponentiation time – add random delays – blind values used in calculations CCLAB
Summary § have considered: – – – – CCLAB prime numbers Fermat’s and Euler’s Theorems Primality Testing Chinese Remainder Theorem Discrete Logarithms principles of public-key cryptography RSA algorithm, implementation, security
Assignments 1. Perform encryption and decryption using RSA algorithm, as in Figure 1, for the following: ① p = 3; q = 11, e = 7; M = 5 ② p = 5; q = 11, e = 3; M = 9 Encryption Plaintext 88 887 mod 187 = 11 Decryption Ciphertext 11 1123 mod 187 = 88 KU = 7, 187 KR = 23, 187 Figure 1. Example of RSA Algorithm Plaintext 88 2. In a public-key system using RSA, you intercept the ciphertext C = 10 sent to a user whose public key is e = 5, n = 35. What is the plaintext M? CCLAB 31
- Khi nào hổ mẹ dạy hổ con săn mồi
- Sự nuôi và dạy con của hươu
- Java rsa implementation
- Rsa algorithm formula
- Rsa program in java
- Rsa algorithm
- Rsa example
- Rsa algorithm in cryptography and network security
- Line dancing electric slide
- Jessica joo
- Si comprehendis non est deus
- Joo teoh
- Eduardo joo
- Dr tan huck joo
- Zeinab chahine
- Pyothorax without fistula
- Joo silva gozando
- Hexeditine
- Joo silva tt
- Kinga joo
- Hee joo lee
- I joo
- Daniel kattan
- Joo 3:16
- Joo o
- Maria joo
- Dr joo teoh reviews
- Pospia
- Maria joo
- Fantoche joão e maria
- Programming
- Joo hee jin